Table of Content

    15 May 2018, Volume 4 Issue 5
    Guiyang Taking Actualization to Ensure the Security of Big Data
    2018, 4(5):  394-401. 
    Asbtract ( )   PDF (1599KB) ( )  
    Related Articles | Metrics
    The Highlights, Pain Points and Priority of Cyber Security Attack and Defense Drill
    Hao Yeli
    2018, 4(5):  402-404. 
    Asbtract ( )   PDF (738KB) ( )  
    Related Articles | Metrics
    Improve Cyber Confrontation Capability in Actual Combat Experience
    2018, 4(5):  405-406. 
    Asbtract ( )   PDF (896KB) ( )  
    Related Articles | Metrics
    Enlightenment and Thinking of Guiyang Real Network Attack and Defense Rehearsal
    2018, 4(5):  407-409. 
    Asbtract ( )   PDF (855KB) ( )  
    Related Articles | Metrics
    Practical Confrontation Promote the Development of Sustainability —Comments on Network Attack and Defense Drill in Actual Bigdata Environment
    2018, 4(5):  410-411. 
    Asbtract ( )   PDF (707KB) ( )  
    Related Articles | Metrics
    Three Essential Elements of CPU Ownership & Controllability
    2018, 4(5):  412-414. 
    Asbtract ( )   PDF (831KB) ( )  
    Related Articles | Metrics
    Research of the Scenes in the Cyberspace Game
    2018, 4(5):  415-419. 
    Asbtract ( )   PDF (1454KB) ( )  
    References | Related Articles | Metrics
    With the comprehensive internetization of social fundamental industries, the network security situation has become increasingly severe. A case of Guiyang big data security drill is firstly introduced to point out that people are the core of network security. Second, we emphasize the “scenes” as one of the key factors to determine the effectiveness of talents training mode, which further influence the initiative of cyberspace game. However, for a long time, we have not paid enough attention to the accumulation of scenes and the retained methods of scenes mainly focus on text description. There is still a huge space for deep mining and utilizing the value of scenes for both security companies and users. Then Cyber Range is introduced as the infrastructure of generating and accumulating “scenes”. Based on analyzing the stateofart of Cyber Range of the United States and other developed countries, the key techniques of Cyber Range are described. Lastly, the functions that the Cyber Range should possess and applications in various fields such as product evaluation, mission rehearsal, architecture analysis, etc. are presented.
    The Security Drill Real Internet Targets in a City Range
    2018, 4(5):  420-425. 
    Asbtract ( )   PDF (1459KB) ( )  
    References | Related Articles | Metrics
    Network attack and defense drills are important tools to detect security problems and improve security. China has attached great attention to network security especially after entering the era of big data in which the data resources became national strategic resources. How to protect the data generated and aggregated by key infrastructure, IOTs and big data platforms becomes a new challenge. Guiyang City, as the core area of Chinese first big data comprehensive pilot area, first tested the security of big data, creatively held Guiyang big data and network security drills featuring real network targets. Drill platforms, drill organizations and implementation methods for drill have achieved good results.
    The Development of Digital Economy Urgently Needs to Strengthen the Protection of Critical Information Infrastructure
    2018, 4(5):  426-429. 
    Asbtract ( )   PDF (949KB) ( )  
    References | Related Articles | Metrics
    In the information age, the digital economy driven by data will promote the transformation and upgrading of industries, give impetus tothe transformation of old and new drivers, and promote supplyside structural reform. As an important platform for carrying out economic and social operation, the critical information infrastructure supports the stable operation of the digital economy and faces serious cyber security threats. This paper expounds the important role of critical information infrastructures to support the development of digital economy, and analyzes the serious challenges it has to face. This paper puts forward to strengthening the protection of critical information infrastructure and build, four abilities including question breakthrough force, safety early warning, emergency response and security controllability to promote active defense of critical information infrastructure. It will ensure the cyber security of economic and social networks and help the healthy development of the digital economy.
    Research on the Design of Cyber Space Security Range
    2018, 4(5):  430-432. 
    Asbtract ( )   PDF (999KB) ( )  
    References | Related Articles | Metrics
    China faces a serious cyber security situation. The cyber security range can enhance the network security protection. Based on the research status at home and abroad, This paper proposed a cyber space security range which consists of virtual resource pool, attack domain, defense domain, simulation domain, dynamic security protection domain and training domain. The cyber space security range provides security countermeasures, safety assessment, scientific innovation and personnel training. The cyber security range is instructive to the national network confrontation experiment.
    A Discussion of Information Security Detection Technology Under the Environment of Big Data
    2018, 4(5):  433-439. 
    Asbtract ( )   PDF (1855KB) ( )  
    References | Related Articles | Metrics
    This paper demonstrates the importance of information security under the big data environment through frequent information security incidents and relevant literature in recent years. Combining the major information security events at home and abroad, the new characteristics of information security under the big data environment, including comprehensive security, scale security, ubiquitous security and cross-domain security, are expounded. It summarizes the challenges of information security under the big data environment and puts forward new requirements, new paths and new ideas for information security management. Meanwhile, it discusses information security detection technologies and its development trends in the big data environment. Finally, the article describes the work done by the Guizhou Aerospace Institute of Measuring and Testing Technology in the field of big data security in recent years, and the perspectives of the development trend of information security detection technology are going to be discussed. These are of great theoretical and practical value for Guizhou Province to implement the great action of “Million Enterprise Integration”, fight against the “Digital Economy”, and to promote China's implementation of the cyber power strategy, national big data strategy and national security strategy.
    The Method and Practice of Smart and Precise Detection of Cyber Attacks
    2018, 4(5):  440-446. 
    Asbtract ( )   PDF (1639KB) ( )  
    References | Related Articles | Metrics
    With the fastevolving cyber threat landscape, how to transform the limited signaturebased preventing and detecting method to defend against the everchanging cyber attacks has become the priority of cybersecurity defense in the new era. The only effective way to combat cyber attacks lies in the improved detection, monitoring and traceability of attackers. Beijing AISec proposes the correation analysis detection by intelligent algorithms, which based on the Netflow and sFlow protocol field fusion. This method firstly overcomes the disadvantages of the data limitation of a singular network protocol, and reduces the network data storage capacity and the running hosts CPU load rate. Secondly, by utilizing the intelligent algorithms, precise detection of attacking behaviors become realized. Lastly, by applying the concepts of Web application attack lifecycle, the detection result is able to be visualized explicitly.
    Practice on Operator Sensitive Data Encryption and Decryption Strategy Based on Large Data Environment
    2018, 4(5):  447-452. 
    Asbtract ( )   PDF (2418KB) ( )  
    References | Related Articles | Metrics
    Big data has brought new development opportunities to the communication industry and also brought a lot of safety problems such as it could easily produce the background system security protection level lags behind the business development situation. In this paper, we propose a new static and decryption strategy for sensitive data in the large data platform, aiming at the new technical features of big data and the application of business new forms. Based on symmetry of AES encryption algorithm optimization to realize the dual mode static desensitization of the original data, make sure to privacy will not affect the system performance, and to achieve dynamically invoke a particular algorithm decryption according to particular demand and meet different business scenarios. It makes the enterprise big data front and backstage are all secure and private which protects the inside part while plays the greater value in the external.
    Key Information Infrastructure Security Assurance Practice Based on State Commercial Cipher Service
    2018, 4(5):  453-457. 
    Asbtract ( )   PDF (3053KB) ( )  
    References | Related Articles | Metrics
    IOT has brought convenient and efficient for peoples modern work and life, at the same time, the number of network information security incidents has increased dramatically. These incidents have sounded the alarm for the secure interconnection of all things in the network environment. Cyber security has become a core issue that has constrained the level of informatization in China. It is necessary to solve the problem of certification and trust in people, machines and objects, and solve issues such as data security, payment security and access security, increasing mutual trust, promoting cooperation, promoting sharing and encouraging innovation. By giving full play to the basic supporting role of commercial ciphers. We have built an autonomous and controllable commercial cipher service infrastructure to support the construction of cyberspace governance systems and ensure cyber security in key areas as well as safeguard citizens legitimate rights and interests.
    Assurance Technical Requirements for the Authenticity of Electronic Documents
    2018, 4(5):  458-466. 
    Asbtract ( )   PDF (2122KB) ( )  
    References | Related Articles | Metrics
    This paper reviews the development circumstances of the e-records authenticity assurance technology, while systematically introduces the state-of-art of the technology of authenticity of e-records assurance and a new security technology system on the authenticity of e-records is proposed. With introducing of the authenticity assurance mechanism based on the e-record identity, the key technique system is described in detail. The system comprehensively adopts the domestic cipher algorithm, which can further advance the level of technology on domestic e-records administration.
    Scheme on Track and Liability for Cloud Audit Data
    2018, 4(5):  467-472. 
    Asbtract ( )   PDF (2267KB) ( )  
    References | Related Articles | Metrics
    With the advent of cloud computing platform, the cloud audit mode gradually becomes the new development trend in audit industry. However, cloud audit brings opportunities to the development of auditing industry while bringning unprecedented challenges. The internal data security issues has always be one of the most important aspects of cloud audit. How to record the operation of cloud database and standardize the internal behavior and break through the bottleneck of cloud audit development. That becomes a hot topic of academic research. Based on this. Firstly, we introduces a overview of the cloud audit, give the issues of internal security. Moreover, we proposes a scheme on track and liability for cloud audit data, based on analyzes the related scheme technology. Furthermore, Microsoft Visual Studio was used to develop this system, along with a technology on track and liability to achieve liability afterwards. It proves the practicability, effectiveness and feasibility of the scheme by design simulation system model and system deployment mode. It provides solutions for the internal security problems in the development of cloud audit.
    Operation Platform of Passenger Transportation Safety Based on Vehicle Monitoring Data
    2018, 4(5):  473-479. 
    Asbtract ( )   PDF (2798KB) ( )  
    References | Related Articles | Metrics
    With the rapid development of the highway transportation in China, peoples travel frequency is getting increasingly high, and the safety and efficient management of passenger vehicles in the operation process has also been increasingly valued. In response to the inadequacies of traditional passenger video surveillance systems, the ‘Keanbang’ Smart Operation Platform integrates knowledge and technologies in areas such as artificial intelligence, computer vision, and deep learning to provide effective technical support for intelligent supervision of the highway passenger transportation safety. The platform can carry out comprehensive and realtime intelligent supervision on 9 categories of violations such as overcrowding, speeding, fatigue driving, and bad driving behaviors of vehicles and drivers, which meets the requirements of supervision departments and passenger transportation enterprises for traffic safety supervision.
    Cyberspace Security Innovative Practice Education Methods
    2018, 4(5):  480-488. 
    Asbtract ( )   PDF (59301KB) ( )  
    References | Related Articles | Metrics
    With the rapid development of information and information technology, cyberspace security has been involved in the entire social ecology and become a national strategy, there is no national security without cyberspace security. The training of cyberspace security talents has its urgency and prominence. Innovative ability is the soul of improving the quality of education and the core element of national competitiveness. Engineering practice education is the basis and prerequisite for the cultivation of innovative talents. Therefore, the construction of guarantee system for university innovation and engineering practice is critical. It is proposed that a brand new “teaching method of highlighting cultivation of innovative ability, emphasizing the development of individual and reflect the overall development of 54321 innovation and engineering practice” by inverse analysis, above the talent cultivation pattern of basis concerned, extensively knowledgeable, innovation capability enhanced, and internationalization and etc., under the new engineering and outcome-based education (OBE) environment, based on WULI-SHILI-RENLI (WSR). Furthermore, it is discussed systematically and deeply that the basic attribute, ability, element and content of innovation and project practice teaching, and we construct and implement the program of diverse and dense innovation practice, science and education collaborative development, the cooperation of university and enterprise. The experimental center is the base point for the students, and the experiment of innovation and engineering practice is carried out in an allaround way. The results show that the application effect is significant. Methods from the system level and the top level, we will fully support and ensure the continuous enhancement of College Students' innovation and engineering practice ability. Students will benefit from a wide range filed, which is conducive to the establishment of innovative talents growth environment of new engineering ecology, serving the national strategy of invigorating the nation through science and education and the strategy of building a powerful country with talents. At the same time, the guidance and demonstration effect of the method is strong and the application value is high.